Category: Advanced Persistent Threat

• TRACING REGISTRY KEYS

  Microsoft uses Tracing keys to trace issues and monitor applications and their execution. The key is located in the following path C:\Windows\system32\Config\SOFTWARE: Microsoft\Tracing . The key as seen in the registry below In the case of the application svchost.exe, I will focus on the RASAPI32 and RASMANCS registry keys located in SOFTWARE: Microsoft\Tracing\svchost_RASAPI32 SOFTWARE: Microsoft\Tracing\svchost_RASMANCS […]

  Advertisement

  Guy Ngongang on information security

  October 16, 2022

  Advanced Persistent Threat, Registry

• Bitcoin Phishing Ring CoinHoarder

  Cisco’s Talos Group has published their findings on a Bitcoin theft campaign they have been tracking in the Ukraine. By purchasing Google AdWords, the attackers were able to target specific search terms, such as “blockchain” or “bitcoin wallet”. Potential victims, searching for these terms, would see the cybercriminals’ links in the search results as a […]

  Guy Ngongang on information security

  February 16, 2018

  Advanced Persistent Threat, Hacking, Malware

  threat Intelligence

• WannaCry Malware Take Away

  The world has experienced a Cyber Attack according to numerous open-source, classified as a ransomware campaign.It created ten of thousands of infections in Over 150 countries including the United States, United Kingdom,Spain, Russia, Taiwan,France and Japan. The software can run in as many as 27 different languages.The piece of code is affecting only Microsoft Windows […]

  Guy Ngongang on information security

  May 17, 2017

  Advanced Persistent Threat, Incident response, Malware